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starting a consumer's wallet program in said consumer's computer in response to said wallet 
initiation message; 

sending from said consumer's computer consumer identity and authentication information 
and said merchant message, to an issuer gateway for an issuing bank; 

the issuing bank creating a reference number or value representing the consumer's credit 
or debit card number by preparing a table of credit card or debit card numbers and a 
corresponding table of reference numbers, the issuing bank pairing the consumer's card number 
with a selected reference number and outputting the reference number to the issuer gateway; 

verifying at said issuer gateway said merchant's signature to prove that the consumer is 
dealing with the actual merchant and validating at said issuer gateway the merchant's certificate 
and the acquirer's certificate to prove that the merchant and issuer share a common financial 
arrangement; 

said issuer gateway verifying the consumer's account and ensuring that fimds and/or 
credit are available to support the payment amount, then authorizing payment by sending to the 
consumer over said internet network an authorization token, an issuer's digital certificate, said 
wallet initiation message, and a reference to said consumer's credit or debit card number; 

said authorization token including the payment amount, order description, timestamp, a 
random nonce plus a merchant identifier and a reference to the consumer's credit or debit card 
number; and 

said merchant's computer receiving said authorization token and fulfilling said order 
description. 

2. The method for electronic commerce of claim 1, which further comprises: 
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starting a consumer*s wallet program in said consumer's computer in response to said wallet 
initiation message; 

sending from said consumer's computer consumer identity and authentication information 
and said merchant message, to an issuer gateway for an issuing bank; 

the issuing bank creating a reference number or value representing the consumer's credit or debit 
card number by preparing a table of credit card or debit card numbers and a corresponding table 
of reference numbers, the issuing bank pairing the consumer's card number with a selected 
reference number and outputting the reference number to the issuer gateway; 

verifying at said issuer gateway said merchant's signature to prove that the consumer is 
dealing with the actual merchant and validating at said issuer gateway the merchant's certificate 
and the acquirer's certificate to prove that the merchant and issuer share a common financial 
arrangement; 

said issuer gateway verifying the consumer's account and ensuring that funds and/or 
credit are available to support the payment amount, then authorizing payment by sending to the 
consumer over said internet network or directly to the merchant an authorization token, an 
issuer's digital certificate, said wallet initiation message, and a reference to said consumer's credit 
or debit card number; 

said authorization token including the payment amount, order description, timestamp, a 
random nonce plus a merchant identifier and a reference to the consumer's credit or debit card 
number; and 

said merchant's computer receiving said authorization token and fulfilling said order 
description. 
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2. The method for electronic commerce of claim 1, which further comprises: 
sending from said consumer's computer a start message over the intemet network to the 
merchant's computer, to initiate said merchant's message. 



3. The method for electronic commerce of claim 1, wherein said wallet initiation message 
includes a nonce. 



4. The method for electronic commerce of claim 1, wherein said merchant's computer 
further performs the steps comprising: 

receiving said authorization token; 

verifying the issuer's signature, digital certificate, the payment amount and merchant 
identity in the authorization token; 

verifying the freshness of the authorization token via the timestamp in the token; 
using the nonce in the authorization token to recognize duplicate tokens; and 
fulfilling said order description. 



5. The method for electronic commerce of claim 1, wherein said consumer identity and 
authentication information is a userid and a password. 

6. The method for electronic commerce of claim 1, wherein said consumer identity and 
authentication information is an ATM debit card number and PIN. 
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7. The method for electronic commerce of claim 1, wherein said consumer identity and 
authentication information is a smart card*s account number and a symmetric Message 
Authentication Code (MAC). 

8. The method for electronic commerce of claim 1, wherein said consumer identity and 
authentication information is a smart card's account number and an asymmetric digital signature. 

9. The method for electronic commerce of claim 1, wherein said consumer identity and 
authentication information is a consumer's digital signature and digital certificate. 

10. The method for electronic commerce of claim 1, wherein said consumer identity and 
authentication information is a consumer's digital certificate and matching asymmetric digital 
signature. 

1 1 . The method for electronic commerce of claim 1, wherein said consumer identity and 
authentication information is a user account number and a symmetric MAC or asymmetric 
digital signature. 

12. The method for electronic commerce of claim 1, wherein said consumer identity and 
authentication information is a user account number and an asymmetric digital signature. 

13. The method for electronic commerce of claim 1, wherein said consumer identity 
information is a consumer's biometric signal. 
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14. The method for electronic commerce of claim 1, wherein said issuer gateway sends said 
authorization token to said consumer, and the consumer forwards said authorization token to said 
merchant. 

15. The method for electronic commerce of claim 1, wherein said issuer gateway sends said 
authorization token directly to said merchant. 

16. The method for electronic commerce of claim 1, wherein said reference to said credit 
card is an alias card number that is mapped at the issuing bank to the real card number, thereby 
preventing use of the consumer's credit card number without said authorization token. 

17. The method for electronic commerce of claim 1, wherein said reference to said card is an 
authorization number allocated uniquely by the issuer gateway for each authorization, enabling it 
to be passed by an acquirer gateway back to the issuing bank in a capture message; 

said issuing bank maintaining a database mapping authorization numbers to card 
numbers, so that when the issuing bank receives the capture message, it uses the database 
mapping to determine the consumer's card number. 

18. The method for electronic commerce of claim 9, wherein said authorization token 
includes a dummy card number for use in routing payment to an appropriate one of a plurality of 
issuing banks; 

said dummy card number being shared among all cardholders of a particular issuing 

bank. 
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19. The method for electronic commerce of claim 1, which further comprises: 

a digital certificate hierarchy that covers issuing banks, acquiring banks, and merchants. 

20. The method for electronic commerce of claim 19, wherein said certificate hierarchy is 
used with public-key digital signatures to identify said merchant and said issuing bank. 

21. The method for electronic commerce of claim 20, wherein said certificates represent 
common financial agreements and obligations among said merchant and said issuing bank. 

22. The method for electronic commerce of claim 21, wherein the issuing bank certificates 
identify and help authenticate issuing banks to merchants, providing a basis for the merchants to 
trust the authorization tokens provided by the issuing banks. 

23. The method for electronic commerce of claim 22, wherein an acquiring bank certificate 
and a merchant certificate identify and help authenticate said acquiring bank and said merchant 
to issuing banks; 

said merchant certificate identifying the merchant to the consumer and verifying that the 
merchant is a valid participant of a payment scheme, before the issuing bank provides said 
authorization token. 

24. The method for electronic commerce of claim 1, wherein split shipments are supported 
by an additional message interaction between the merchant and issuer gateway, comprising: 
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the merchant sending the authorization token to the issuer gateway identified in the issuer's 
digital certificate, including details of a split requirement, such as the amount of a first payment, 
the merchant authenticating the request by signing it and including the merchant's digital 
certificate; 

the issuer gateway verifying that the merchant signing message is the same merchant that 
signed an original request, verifying the split request according to business and risk management 
policies, and responding with a new authorization token in a message to the merchant; 

the merchant forwarding the new authorization token in a capture message the acquirer 
gateway; 

the merchant resubmitting the new authorization token to the acquirer gateway in a 
second message, whenever the merchant has shipped a second part of the shipment. 

25. The method for electronic commerce of claim 1, Japanese Payment Options are provided, 
comprising: 

the issuer offering special payment arrangements to the consumer, conditioned on the 
merchant name from the merchant's digital certificate and the amount of payment from the 
initiation message. 

26. A system for electronic commerce, comprising: 

connecting apparatus which forms a four party payment protocol for electronic sales including a 
consumer's computer coupled to a merchant's computer and to an issuing bank computer via an 
issuer gateway, the merchant computer being further coupled to an acquiring bank computer; 
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the merchant*s computer sending over an internet network to the consumer's computer, a 
merchant message including a wallet initiation message, a merchant digital signature, and a 
digital certificate from an acquiring bank, said wallet initiation message including a payment 
amount, an order description, and a timestamp; 

the consumer's wallet program in said consumer's computer responsive to said wallet 
initiation message, for sending from said consumer's computer consumer identity and 
authentication information and said merchant message, to the issuer gateway for an issuing bank; 

the issuing bank creating a reference number or value representing the consumer's credit 
or debit card number by preparing a table of credit card or debit card numbers and a 
corresponding table of reference numbers, the issuing bank pairing the consumer's card number 
with a selected reference number and outputting the reference number to the issuer gateway; 

the issuer gateway verifying said merchant's signature to prove that the consumer is 
dealing with the actual merchant and validating at said issuer gateway the merchant's certificate 
and the acquirer's certificate to prove that the merchant and issuer share a common financial 
arrangement; 

said issuer gateway verifying the consumer's account and ensuring that funds and/or 
credit are available to support the payment amount, then authorizing payment by sending over 
said internet network an authorization token, an issuer's digital certificate, said wallet initiation 
message, and a reference to said consumer's credit or debit card number; 

said authorization token including the payment amount, order description, timestamp, a 
random nonce plus a merchant identifier and a reference to the consumer's credit or debit card 
number; 



20276_1 



8 




Serial No.: 09/221,869 Docket No. SE9-98-031 (1963-7291) 

said merchant's computer receiving said authorization token and fuIfilHng said order description ; 
and 

said merchant sending a capture request message including the reference number 
representing the consumer's card number over the internet to an acquirer gateway operating on 
behalf of an acquirer bank to capture the transaction and disburse payment to the merchant. 

27. A computer program product, comprising: 
computer program code forming a four party payment protocol for electronic sales including a 
consumer's computer coupled to a merchant's computer and to an issuing bank computer via an 
issuer gateway , the merchant computer being further coupled to an acquiring bank computer; 

computer program code means for sending from the merchant's computer over an internet 
network to the consumer's computer, a merchant message including a wallet initiation message, a 
merchant digital signature, and a digital certificate from an acquiring bank, said wallet initiation 
message including a payment amount, an order description, and a timestamp; 

computer program code means for starting a consumer's wallet program in said 
consumer's computer in response to said wallet initiation message; 

computer program code means for sending from said consumer's computer consumer identity 
and authentication information and said merchant message, to the issuer gateway for an issuing 
bank; 

computer program code at the issuing bank creating a reference number or value 
representing the consumer's credit or debit card number by preparing a table of credit card or 
debit card numbers and a corresponding table of reference numbers, the issuing bank pairing the 
consumer's card number with a selected reference number and outputting the reference number 
to the issuer gateway; 
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computer program code verifying at said issuer gateway said merchant*s signature to 
prove that the consumer is dealing with the actual merchant and validating at said issuer gateway 
the merchant's certificate and the acquirer's certificate to prove that the merchant and issuer 
share a common financial arrangement; 

said issuer gateway verifying the consumer's account and ensuring that funds and/or 
credit are available to support the payment amount, then authorizing payment by sending over 
said internet network an authorization token, an issuer's digital certificate, said wallet initiation 
message, and a reference to said consumer's credit or debit card number; 

said authorization token including the payment amount, order description, timestamp, a 
random nonce plus a merchant identifier and a reference to the consumer's credit or debit card 
number; 

said merchant's computer receiving said authorization token and fulfilling said order 
description; and 

computer program code at the acquiring bank settling accounts with the issuing bank 
over a private network by sending a settlement message that includes the reference number to 
the consumer's card number. 

28. A data processing system for electronic commerce, comprising: 

connecting apparatus which forms_a four party payment protocol for electronic sales including a 
consumer's computer coupled to a merchant's computer and to an issuing bank computer via an 
issuer gateway, the merchant computer being further coupled to an acquiring bank computer; 

sending apparatus which sends from a merchant's computer over an internet network to a 
consumer's computer, a merchant message including a wallet initiation message, a merchant 
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digital signature, and a digital certificate from an acquiring bank, said wallet initiation message 
including a payment amount, an order description, and a timestamp; 

means for starting a consumer's wallet program in said consumer's computer in response 
to said wallet initiation message; 

means for sending from said consumer's computer consumer identity and authentication 
information and said merchant message, to an issuer gateway for an issuing bank; 

the issuing bank creating a reference number or value representing the consumer's credit 
or debit card number by preparing a table of credit card or debit card numbers and a 
corresponding table of reference numbers, the issuing bank pairing the consumer's card number 
with a selected reference number and outputting the reference number to the issuer gateway; 

means for verifying at said issuer gateway said merchant's signature to prove that the 
consumer is dealing with the actual merchant and vahdating at said issuer gateway the 
merchant's certificate and the acquirer's certificate to prove that the merchant and issuer share a 
common financial arrangement; 

said issuer gateway verifying the consumer's account and ensuring that fiinds and/or 
credit are available to support the payment amount, then authorizing payment by sending over 
said internet network an authorization token, an issuer's digital certificate, said wallet initiation 
message, and a reference to said consumer's credit or debit card number; 

said authorization token including the payment amount, order description, timestamp, a 
random nonce plus a merchant identifier and a reference to the consumer's credit or debit card 
number; 

said merchant's computer receiving said authorization token and fiilfilling said order 
description; and 
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the issuing bank converting the reference number into the consumer's card number and 
applying the transaction amount to the consumer's balance in his credit card or deposit account. 



29. The data processing system for electronic commerce of claim 28, which further 
comprises: 

means for sending from said consumer*s computer a start message over the internet 
network to the merchant's computer, to initiate said merchant's message. 



30. The data processing system for electronic commerce of claim 28, wherein said wallet 
initiation message includes a nonce. 



3 1 . The data processing system for electronic commerce of claim 28, wherein said merchant's 
computer further comprises: 

means for receiving said authorization token; 

means for verifying the issuer's signature, digital certificate, the payment amount and 
merchant identity in the authorization token; 

means for verifying the freshness of the authorization token via the timestamp in the 

token; 

means for using the nonce in the authorization token to recognize duplicate tokens; and 
means for fulfilling said order description. 



32. The data processing system for electronic commerce of claim 28, wherein said reference 
to said credit card is a consumer credit or debit account number. 
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33. (Amended) A method for electronic commerce, comprising: 

forming a four party payment protocol for electronic sales including a consumer's computer 
coupled to a merchant's computer and to an issuing bank computer via an issuer gateway, the 
merchant computer being further coupled to an acquiring bank computer; 

sending from a merchant's computer over an internet network to a consumer's computer, 
a merchant message including a wallet initiation message, a merchant digital signature, and a 
digital certificate from an acquiring bank, said wallet initiation message including a payment 
amount, an order description, and a timestamp; 

said acquiring bank's digital certificate containing a network address or URL that 
identifies the network location of said acquiring bank contacted via an internet network as part of 
a payment protocol; 

starting a consumer's wallet program in said consumer's computer in response to said 
wallet initiation message; 

sending from said consumer's computer consumer identity and authentication information 
and said merchant message, to an issuer gateway for an issuing bank; 

the issuing bank creating a reference number or value representing the consumer's credit 
or debit card number by preparing a table of credit card or debit card numbers and a 
corresponding table of reference numbers, the issuing bank pairing the consumer's card number 
with a selected reference number and outputting the reference number to the issuer gateway; 

verifying at said issuer gateway said merchant's signature to prove that the consumer is 
dealing with the actual merchant and validating at said issuer gateway the merchant's certificate 
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and the acquirer's certificate to prove that the merchant and issuer share a common financial 
arrangement; 

said issuer gateway verifying the consumer's account and ensuring that funds and/or 
credit are available to support the payment amount, then authorizing payment by sending over 
said internet network an authorization token, an issuer's digital certificate, said wallet initiation 
message, and a reference to said consumer*s credit or debit card number; 

said issuer's digital certificate containing a network address or URL that identifies the 
network location of the issuer contacted via an internet network as part of a payment protocol; 
said authorization token including the payment amount, order description, timestamp, a random 
nonce plus a merchant identifier and a reference to the consumer's credit or debit card number; 

said merchant's computer receiving said authorization token and fulfilling said order 
description; 

said merchant sending a capture request message including the reference number 
representing the consumer's card number over the internet to an acquirer gateway operating on 
behalf of an acquirer bank to capture the transaction and disburse payment to the merchant;. 

the acquiring bank settling accounts with the issuing bank over a private network by 
sending a settlement message that includes the reference number to the consumer's card number; 
and 

the issuing bank converting the reference number into the consumer's card number and 
applying the transaction amount to the consumer's balance in his credit card or deposit account. 
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34. A method for electronic commerce, comprising: 

forming a four party payment protocol for electronic sales including a consumer's computer 
coupled to a merchant's computer and to an issuing bank computer via an issuer gateway, the 
merchant computer being further coupled to an acquiring bank computer; 

sending from the consumer's computer consumer to an issuer gateway for an issuing 
bank, an authorization request message containing consumer identity and authentication 
information, payment amount, an order description, a timestamp, a digital certificate representing 
a merchant, and a digital certificate representing the merchant's acquiring bank; 

said merchant's digital certificate containing a merchant identifier unique for the 
acquiring bank; 

said acquiring bank's digital certificate containing a bank identifier unique among all 
banks sharing a common financial arrangement; 

validating at said issuer gateway the merchant's certificate and the acquirer's certificate 
to prove that the merchant, acquirer, and issuer share a common financial arrangement; 

said issuer gateway verifying the consumer's account and ensuring that funds and/or 
credit are available to support the payment amount, then authorizing payment by sending over 
said internet network an authorization token, an issuer's digital certificate, and a reference to said 
consumer's credit or debit card number; 

said authorization token including the payment amount, order description, timestamp, a 
random nonce, said merchant identifier from the merchant's digital certificate, and said acquiring 
bank identifier from said acquiring bank's digital certificate, plus a reference to the consumer's 
credit or debit card number; 

said authorization token being digitally signed by the issuing bank; 
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said merchant*s computer receiving said authorization token and fulfilling said order description 
said merchant sending a capture request message including the reference number 

representing the consumer*s card number over the internet to an acquirer gateway operating on 

behalf of an acquirer bank to capture the transaction and disburse payment to the merchant;, 
the acquiring bank settling accounts with the issuing bank over a private network by 

sending a settlement message that includes the reference number to the consumer's card number; 

and 

the issuing bank converting the reference number into the consumer's card number and 
applying the transaction amount to the consumer's balance in his credit card or deposit account. 

35. The method for electronic commerce of claim 34, which further comprises: 
sending from a merchant's computer over an internet network to a consumer's computer, a me 
rchant message including a wallet initiation message, a merchant digital certificate, and a digital 
certificate from an acquiring bank, said wallet initiation message including a payment amount, 
an order description, and a timestamp; 

starting a consumer's wallet program in said consumer's computer in response to said 
wallet initiation message; 

said consumer's wallet program sending the authorization request message. 

36. The method for electronic commerce of claim 35, which further comprises: 
including with the wallet initiation message a merchant's digital signature of the wallet 

initiation message; 
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including the wallet initiation message and said merchant's digital signature in the 
authorization request message; 

verifying at said issuer gateway said merchant's signature to prove that the consumer is 
dealing with the actual merchant. 

37. The method for electronic commerce of claim 36, which further comprises: 
sending from said consumer's computer a start message over the Internet network to the 
merchant's computer, to initiate said merchant's message. 

38. The method for electronic commerce of claim 36, wherein said wallet initiation message 
includes a nonce. 

39. The method for electronic commerce of claim 36, wherein said merchant's computer 
further performs the steps comprising: 

receiving said authorization token; 
verifying the issuer's signature, digital certificate, the payment amount and merchant identity in 
the authorization token; 

verifying the freshness of the authorization token via the timestamp in the token; 
using the nonce in the authorization token to recognize duplicate tokens; and 

frilfiUing said order description. 

40. The method for electronic commerce of claim 34, wherein the merchant 
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claims payment through the acquiring bank by forwarding the customer reference number 
and payment amount to the acquiring bank. 

41. The method for electronic commerce of claim 40, where in the case of a subsequent 
dispute, the merchant proves payment authorization by submitting a copy of the authorization 
token and issuer's digital certificate to the acquiring bank. 

42. The method for electronic commerce of claim 34, wherein the merchant 

claims payment through the acquiring bank by forwarding the authorization token and 
issuer's digital certificate to the acquiring bank; 

the acquiring bank verifying the issuer's signature on the authorization token, validating 
the issuer's digital certificate, checking for dupHcates via the timestamp in the authorization 
token; and the acquiring bank paying the amount indicated in the authorization token. 

43. The method for electronic commerce of claim 34, wherein said 
authorization request message and authorization token includes a hash of an 

order description instead of the actual order description, the order description itself being 
available separately at the merchant, the merchant validating that the authorization token refers 
to the same order description by comparing the hash of the order description in the 

authorization token against a locally-computed hash of the same order description. 

44. The method for electronic commerce of claim 34, wherein said 
reference to said credit card is a consumer credit or debit account number. 
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45.. The method for electronic commerce of claim 44, wherein the confidentiality of said 
credit or debit account number is maintained by using a higher-level security protocol, such as 
encrypted email or SSL, to protect the communications among the consumer and the issuer 
gateway, the consumer and the merchant, the issuer gateway and the merchant, and, if 
applicable, the merchant and the acquirer. 



46. A method for electronic commerce, comprising: 

forming a four party payment protocol for electronic sales, the four party payment 
protocol including a consumer's computer coupled to a merchant's computer and to an issuing 
bank computer via an issuer gateway, the merchant computer being further coupled to an 
acquirer bank computer; 

sending from the merchant's computer over an internet network to the consumer's 
computer, a merchant message including a wallet initiation message, and a digital certificate of a 
merchant provided by an acquiring bank, said wallet initiation message including a payment 
amount, an order description, a merchant identifier and a timestamp; 

starting a consumer's wallet program in said consumer's computer in response to said 
wallet initiation message; 

sending from said consumer's computer consumer identity and authentication information 
and said merchant message, to the issuer gateway for an issuing bank; 

the issuing bank creating a reference number or value representing the consumer's credit 
or debit card number by preparing a table of credit card or debit card numbers and a 
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corresponding table of reference numbers, the issuing bank pairing the consumer's card number 
with a selected reference number and outputting the reference number to the issuer gateway; 

verifying at said issuer gateway that the merchant and issuer share a common financial 
arrangement; 

said issuer gateway verifying the consumer's account and ensuring that funds and/or 
credit are available to support the payment amount, then authorizing payment by sending over 
said internet network an authorization token, an issuer's digital certificate, said wallet initiation 
message, and a reference to said consumer's credit or debit card number; 

said authorization token including the payment amount, order description, timestamp, a 
random nonce plus a merchant identifier and a reference to the consumer's credit or debit card 
number; 

said merchant's computer receiving said authorization token and fulfilling said order 
description; and 

sending a capture request message including the reference number representing the 
consumer's card number over the intemet fi-om the merchant to an acquirer gateway operating on 
behalf of an acquirer bank to capture the transaction and disburse payment to the merchant. 

49. A system for electronic commerce, comprising: 

means for forming a four party payment protocol for electronic sales, the four party 
payment protocol including a consumer's computer coupled to a merchant's computer and to an 
issuing bank computer via an issuer gateway, the merchant computer being fiarther coupled to an 
acquirer bank computer; 
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the merchant's computer sending over an intemet network to the consumers computer, a 
merchant message including a wallet initiation message, and a digital certificate of a merchant 
provided by an acquiring bank, said wallet initiation message including a payment amount, an 
order description, a merchant identifier and a timestamp; 

a consumer's wallet program in said consumer's computer responsive to said wallet 
initiation message, for sending from said consumer's computer consumer identity and 
authentication information and said merchant message, to the issuer gateway for an issuing bank; 

the issuing bank creating a reference number or value representing the consumer's credit 
or debit card number by preparing a table of credit card or debit card numbers and a 
coiTesponding table of reference numbers, the issuing bank pairing the consumer's card number 
with a selected reference number and outputting the reference number to the issuer gateway; 

the issuer gateway verifying that the merchant and issuer share a common financial 
arrangement; 

said issuer gateway verifying the consumer's account and ensuring that funds and/or 
credit are available to support the payment amount, then authorizing payment by sending over 
said intemet network an authorization token, an issuer's digital certificate, said wallet initiation 
message, and a reference to said consumer's credit or debit card number; 

said authorization token including the payment amount, order description, timestamp, a 
random nonce plus a merchant identifier and a reference to the consumer's credit or debit card 
number; 

said merchant's computer receiving said authorization token and fulfilling said order 
description; and 
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settling apparatus which settles [settling] accounts with the issuing bank by the acquiring 
bank over a private network by sending a settlement message that includes the reference number 
to the consumer's card number. 

50. The system of Claim 49 further comprising: 

means for providing the merchant's digital signature and matching certificate to the 
consumer's computer; and 

means for the issuing gateway to sign the authorization token.— 

Please add the following New Claims: 

51. (New) The method of Claim 1 further comprising: 

sending a capture request message including the reference number representing the 
consumer's card number over the internet from the merchant to an acquirer gateway operating on 
behalf of an acquirer bank to capture the transaction and disburse payment to the merchant. 

52. (New) The method of Claim 1 further comprising the step of: 

settling accounts with the issuing bank by the acquiring bank over a private network by 
sending a settlement message that includes the reference number to the consumer's card number. 

53. (New) The method of Claim 1 further comprising the step of 
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